learnhost.blogg.se

Backup and restore dropbox plugin
Last Friday we had a pair of requests on one of our websites for a file from the plugin Backup & Restore Dropbox, /wp-content/plugins/dropbox-backup/template/css/tool-bar.css.

Seeing as we have never had that plugin installed, that request was likely a hacker probing for usage of the plugin.

We quickly found an issue with the plugin’s handling of functions made available through WordPress’ AJAX functionality and notified the developer of the plugin of that issue and that it looked like hackers were targeting the plugin.

We haven’t heard back from them, but in the meantime we saw what looked to be probing for usage of one of their other plugins, Stats Counter. In looking over that we quickly found a PHP object injection vulnerability and realized that the same issue was probably what the hacker was targeting in this plugin.

The vulnerability in this plugin involves substantially similar code, but let’s go through it anyway.

In the file /dropbox-backup.php the function wpadm_full_backup_dropbox_run() gets registered to run during init (so it runs whenever WordPress loads):

    function wpadm_run ( $pl, $dir )

The request value it handles is passed straight to unserialize() after being base64-decoded, which is what makes PHP object injection possible:

    return unserialize( base64_decode( $str ) );

The following proof of concept will cause the specified object to be injected. Make sure to replace “” with the location of WordPress and “” with the object to be injected (must be base64 encoded).

  • Decem– Contacted plugin’s developer about authenticated information disclosure vulnerability.
  • Decem– Notified Plugin Directory of vulnerability.
  • Decem– Added vulnerability to free data in the service’s companion plugin.
  • Decem– Plugin removed from Plugin Directory.
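The following is an added example, not code from the Backup & Restore Dropbox plugin or from the post above. It places the unsafe unserialize( base64_decode( $str ) ) pattern the post describes beside two hardened alternatives, and shows with a constructed sample object why the unsafe form is a PHP object injection sink: an attacker-chosen class is instantiated and its __wakeup() runs. All function and class names (unpack_unsafe, unpack_hardened, unpack_json, WakeupProbe) are assumed for the demonstration.

```php
<?php
// Added illustration; not the plugin's own code. Names are assumed.

// The unsafe pattern described in the post: a request-supplied string is
// base64-decoded and handed straight to unserialize(). Any class that
// WordPress, a theme or another plugin has already loaded can be
// instantiated this way, and its magic methods (__wakeup, __destruct,
// __toString) execute on the server with whatever side effects they have.
function unpack_unsafe(string $str)
{
    return unserialize(base64_decode($str));
}

// Hardened variant: strict base64 decoding plus allowed_classes => false
// (PHP 7.0+). Objects in the payload are materialised only as
// __PHP_Incomplete_Class, so no application class is instantiated and no
// magic method runs. unserialize() returns false on malformed input.
function unpack_hardened(string $str)
{
    $raw = base64_decode($str, true);      // strict mode: reject non-base64 input
    if ($raw === false) {
        return null;
    }
    return @unserialize($raw, ['allowed_classes' => false]);
}

// Preferable when the value only ever needs to carry plain data (paths,
// plugin names, flags): JSON has no notion of typed objects with
// behaviour, so there is nothing to inject.
function pack_json(array $data): string
{
    return base64_encode(json_encode($data));
}

function unpack_json(string $str): ?array
{
    $raw = base64_decode($str, true);
    if ($raw === false) {
        return null;
    }
    $data = json_decode($raw, true);
    return is_array($data) ? $data : null;
}

// Stand-in for any loaded class with a side-effecting magic method. In a
// real application such a "gadget" class does file or database work in
// __wakeup()/__destruct(); here it only records that it ran.
class WakeupProbe
{
    public $note = 'constructed sample object';
    public static $woke = false;

    public function __wakeup()
    {
        self::$woke = true;
    }
}

// Constructed sample input: a serialized WakeupProbe, base64-encoded as the
// plugin's transport would carry it.
$sample = base64_encode(serialize(new WakeupProbe()));

WakeupProbe::$woke = false;
$obj = unpack_unsafe($sample);
printf("unsafe:   class=%s wakeup_ran=%s\n",
    get_class($obj), var_export(WakeupProbe::$woke, true));

WakeupProbe::$woke = false;
$obj = unpack_hardened($sample);
printf("hardened: class=%s wakeup_ran=%s\n",
    get_class($obj), var_export(WakeupProbe::$woke, true));

// Plain-data round trip without serialize()/unserialize() at all.
$json = pack_json(['pl' => 'dropbox-backup', 'dir' => 'wp-content/uploads']);
var_dump(unpack_json($json));
```

Run with `php example.php`: the unsafe path reports class=WakeupProbe with wakeup_ran=true, the hardened path reports class=__PHP_Incomplete_Class with wakeup_ran=false. Because the post notes that the handler is registered on init and therefore runs on every WordPress load, including unauthenticated requests, a plugin-side fix should also verify a nonce and a capability (for example current_user_can('manage_options')) before reading the request value at all; restricting unserialize() only limits the damage if that check is missing.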